Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0e868201 by security tracker role at 2018-10-04T08:10:23Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,22 @@
-CVE-2018-17972 [Information leak via /proc/$pid/stack]
+CVE-2018-17979
+ RESERVED
+CVE-2018-17978
+ RESERVED
+CVE-2018-17977
+ RESERVED
+CVE-2018-17976
+ RESERVED
+CVE-2018-17975
+ RESERVED
+CVE-2018-17974 (An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based
buffer ...)
+ TODO: check
+CVE-2018-17973
+ RESERVED
+CVE-2018-17971
+ RESERVED
+CVE-2018-17970
+ RESERVED
+CVE-2018-17972 (An issue was discovered in the proc_pid_stack function in ...)
- linux <unfixed>
NOTE: https://marc.info/?l=linux-fsdevel&m=153806242024956&w=2
CVE-2018-17969 (Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote
...)
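Review bot: The rewritten CVE-2018-17972 entry ends up below the new CVE-2018-17971 and CVE-2018-17970 stubs, which breaks the descending CVE order the rest of the file follows; it should sit between CVE-2018-17973 and CVE-2018-17971, with its "- linux <unfixed>" and NOTE lines kept directly under it. Separately, the new CVE-2018-17974 entry names Tcpreplay and is left at "TODO: check", so it needs manual triage against the tcpreplay source package.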
@@ -185,10 +203,10 @@ CVE-2018-17884 (XSS exists in
admin/gb-dashboard-widget.php in the Gwolle Guestb
NOT-FOR-US: WordPress plugin gwolle-gb
CVE-2018-17882
RESERVED
-CVE-2018-17881
- RESERVED
-CVE-2018-17880
- RESERVED
+CVE-2018-17881 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead
configuration ...)
+ TODO: check
+CVE-2018-17880 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead
configuration ...)
+ TODO: check
CVE-2018-17879
RESERVED
CVE-2018-17878
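Review bot: CVE-2018-17881 and CVE-2018-17880 are left at "TODO: check" although both descriptions name D-Link DIR-823G devices; if the flaw is in the vendor's firmware configuration rather than in a packaged component, they should be resolved as NOT-FOR-US in the same form as the CVE-2018-17884 entry at the top of this hunk, so they do not linger in the unprocessed queue.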
@@ -806,7 +824,7 @@ CVE-2018-17584
RESERVED
CVE-2018-17583
RESERVED
-CVE-2018-17582 (tcpreplay v4.3.0 contains a heap-based buffer over-read. The
...)
+CVE-2018-17582 (Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read.
The ...)
TODO: check
CVE-2018-17581 (CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2
0.26 has ...)
- exiv2 <unfixed> (low; bug #910060)
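Review bot: Only the description of CVE-2018-17582 changes here and the "TODO: check" under it stays, even though the description names Tcpreplay and the file already tracks tcpreplay as a source package (see the CVE-2018-13112 entry, "- tcpreplay <unfixed>"). The TODO should be replaced with a package line once someone confirms whether the packaged version carries the over-read; the narrowing of the description to "4.3.0 beta1" is worth checking against the packaged version at the same time.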
@@ -850,8 +868,8 @@ CVE-2018-17564
RESERVED
CVE-2018-17563
RESERVED
-CVE-2018-17562
- RESERVED
+CVE-2018-17562 (Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a ...)
+ TODO: check
CVE-2018-17561
RESERVED
CVE-2018-17560
@@ -868,10 +886,10 @@ CVE-2018-17555 (The web component on ARRIS TG2492LG-NA
061213 devices allows rem
NOT-FOR-US: ARRIS TG2492LG-NA 061213 devices
CVE-2018-17554
RESERVED
-CVE-2018-17553
- RESERVED
-CVE-2018-17552
- RESERVED
+CVE-2018-17553 (An "Unrestricted Upload of File with Dangerous Type"
issue with ...)
+ TODO: check
+CVE-2018-17552 (SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows
remote ...)
+ TODO: check
CVE-2018-17551
RESERVED
CVE-2018-17550
@@ -894,8 +912,7 @@ CVE-2018-17542
RESERVED
CVE-2018-17541
RESERVED
-CVE-2018-17540 [denial-of-service vulnerability in the gmp plugin]
- RESERVED
+CVE-2018-17540 (The gmp plugin in strongSwan before 5.7.1 has a Buffer
Overflow via a ...)
{DSA-4309-1 DLA-1528-1}
- strongswan 5.7.1-1
NOTE:
https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html
@@ -1150,8 +1167,8 @@ CVE-2018-17430
RESERVED
CVE-2018-17429
RESERVED
-CVE-2018-17428
- RESERVED
+CVE-2018-17428 (An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL
...)
+ TODO: check
CVE-2018-17427 (SIMDComp before 0.1.0 allows remote attackers to cause a
denial of ...)
NOT-FOR-US: SIMDComp
CVE-2018-17426
@@ -1190,8 +1207,8 @@ CVE-2018-17410 (Horus CMS allows SQL Injection, as
demonstrated by a request to
NOT-FOR-US: Horus CMS
CVE-2018-17409
RESERVED
-CVE-2018-17408
- RESERVED
+CVE-2018-17408 (Stack-based buffer overflows in Zahir Accounting Enterprise
Plus 6 ...)
+ TODO: check
CVE-2018-17406
RESERVED
CVE-2018-17405
@@ -11559,7 +11576,7 @@ CVE-2018-13114
RESERVED
CVE-2018-13113 (The transfer and transferFrom functions of a smart contract
...)
NOT-FOR-US: smart contract implementation for Easy Trading Token and
Ethereum token
-CVE-2018-13112 (get_l2len in common/get.c in Tcpreplay 4.3.0 beta 1 allows
remote ...)
+CVE-2018-13112 (get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows
remote ...)
- tcpreplay <unfixed> (low; bug #902952)
[stretch] - tcpreplay <no-dsa> (Minor issue)
[jessie] - tcpreplay <no-dsa> (Minor issue)
@@ -29084,8 +29101,8 @@ CVE-2018-6697
RESERVED
CVE-2018-6696
RESERVED
-CVE-2018-6695
- RESERVED
+CVE-2018-6695 (SSH host keys generation vulnerability in the server in McAfee
Threat ...)
+ TODO: check
CVE-2018-6694
RESERVED
CVE-2018-6693 (An unprivileged user can delete arbitrary files on a Linux
system ...)
@@ -31986,8 +32003,8 @@ CVE-2018-5923
RESERVED
CVE-2018-5922
RESERVED
-CVE-2018-5921
- RESERVED
+CVE-2018-5921 (A potential security vulnerability has been identified with
certain HP ...)
+ TODO: check
CVE-2018-5920
RESERVED
CVE-2018-5919
@@ -93209,8 +93226,8 @@ CVE-2017-2753
RESERVED
CVE-2017-2752
RESERVED
-CVE-2017-2751
- RESERVED
+CVE-2017-2751 (A BIOS password extraction vulnerability has been reported on
certain ...)
+ TODO: check
CVE-2017-2750 (Insufficient Solution DLL Signature Validation allows potential
...)
NOT-FOR-US: HP printers
CVE-2017-2749
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0e868201b8d327066cb1fd869a7b4b04a4f4ced3
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits